package com.sinosoft.antiques.controller;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import javax.servlet.http.HttpSession;

import com.sinosoft.antiques.util.MD5;
import com.sinosoft.commontools.annotated.rquestMethod;
import com.sinosoft.commontools.annotated.rquestMethod.ReqMode;
import com.sinosoft.commontools.record.Record;
import com.sinosoft.dbtools.operate.DBActorMgr;
import com.sinosoft.dbtools.operate.IDBActor;

public class RootController {

	@rquestMethod(MethodNote = ReqMode.All)
	public Record login(HttpServletRequest request,
			HttpServletResponse response, Record data) {
		Record rs = new Record();
		rs.add("status", "Failed");
		try {
			IDBActor actor = DBActorMgr.getDBActor("oraclepool");
			String sql = "select * from u_user where status=1 and ( name='"
					+ data.getStrValue("username") + "' or user_id='"
					+ data.getStrValue("username") + "' )";
			List<Record> list = actor.getRowsForRecord(sql);
			if (list != null && list.size() > 0) {
				Record user = list.get(0);
				String pwd = user.getStrValue("pwd");
				String uid = user.getStrValue("user_id");
				String pwd_ = MD5.md5(uid + data.getStrValue("password"));
				if (pwd_.equals(pwd)) {
					rs.add("status", "OK");
					HttpSession session = request.getSession();
					session.setAttribute("user", user);
					session.setAttribute("username",
							user.getStrValue("user_id"));
					session.setAttribute("userid", user.getIntValue("id"));
					session.setAttribute("loginticket", 1);
				} else {
					rs.add("msg", "密码错误");
				}
			} else {
				rs.add("msg", "用户名错误");
			}
		} catch (Exception e) {
			rs.add("msg", "系统异常");
			e.printStackTrace();
		}
		return rs;
	}

	@rquestMethod(MethodNote = ReqMode.All)
	public Record logout(HttpServletRequest request,
			HttpServletResponse response, Record data){

		Record rs = new Record();
		rs.add("status", "OK");
		try {
			HttpSession session = request.getSession();
			session.invalidate();
		} catch (Exception e) {
			rs.add("status", "Failed");
			rs.add("msg", "系统异常");
			e.printStackTrace();
		}
		return rs;
	}

}
